Vulnerability

46 Articles 0 Followers


The Most Critical Vulnerability in DeFi, that nobody talks about.

12 Jul 2020 1 minute read 0 comments lioha369

Returning to the topic of stablecoin account freezes, despite all the technical and price risks that arise when using decentralized financial protocols (DeFi), DeFi has one very serious vulnerability that nobody speaks about directly. The idea is that the...

Profiling White-Hat Vulnerability Researchers

26 Jun 2020 2 minute read 0 comments Matthew Rosenquist

Bugcrowd has released some interesting survey data that provides insights into the white-hat vulnerability researcher community. Of note, most researchers were male (94%) and make less than $25k per year finding vulnerabilities. A vast majority were...

Nebulas – Using WebAssembly To Bypass Gas Counter

21 Jun 2020 6 minute read 5 comments art_of_bug

Welcome to our next episode. Today we open Nebulas. Similarly to IOST, this blockchain project uses Google's V8 JavaScript engine in order to allow smart contracts to be written in JavaScript. Speaking of IOST, after the initial disappointment due to...

Clinician, Cancer Survivor Series.... Intro

6 Jun 2020 2 minute read 1 comment PABarb

On a Saturday morning I find myself very reflective of all the events of last few weeks. As a healthcare clinician being wrapped up in saving lives, educating and preventing the spread of Covid has been my mission as of late. 3 months ago we launched...

Briefly On Verge & Lisk

23 May 2020 6 minute read 1 comment art_of_bug

Welcome back. Regular readers of our blog know that we usually try to analyse the vulnerabilities very thoroughly which allows us to code functional exploits. Then we execute the exploits in our isolated environment where we run an instance of a main...

Most of the DApps exhibit this vulnerability

18 Apr 2020 2 minute read 0 comments FKlivestolearn

Cryptocurrency wallet provider ZenGo has demonstrated the security flaw using a testnet. Decentralized Finance (DeFi) has gained a lot of traction in the last year or so. Although the total value of the funds locked in DeFi has halved from the re...

IOST – Unchecked JavaScript Class Crashes Miners

15 Apr 2020 4 minute read 0 comments art_of_bug

Welcome to our next episode. During recent weeks we have spent a lot of time analysing IOST. Unlike the previous projects we have analysed so far, this one is not based on the code of Bitcoin. Therefore there was much more to analyse than before. On...

Qtum – Bypassing Header Spam Protection

14 Mar 2020 19 minute read 0 comments art_of_bug

Good to see you again. Today we disclose our third report on Qtum. Previously we have published two articles discussing bypassing protection against header spam (aka Fake Stake) attack and a bug in Qtum regarding setStakeSeen mechanism. Today we pres...

Hacking Sethc and Office Trend USB Windows 7 When You Have Physical Access

11 Mar 2020 5 minute read 0 comments 0fajarpurnama0

1. Hack Administrative Access Windows 7. The PC was designed for the user to only have standard user account privilege (near guest account), where the user only has the right to read and execute certain data and applications. Unlike administrator accou...

Syscoin – Unhandled Exception in RLP Constructor

16 Feb 2020 10 minute read 0 comments art_of_bug

Nice to see you again. Today we are back to Syscoin. Previously we have published two submissions to the bounty related to the implementation of Sysethereum bridge. Today we present a vulnerability that we found before working on the mentioned bounty...